Swordphish

We're glad you are enjoying Swordphish! To score more URLs and get the full experience, be sure to sign up for the Beta.

Swordphish Results

The following results are provided by pre-trained Swordphish machine learning-classifiers. Swordphish does not render or evaluate content, but provides predictions based on approximately 50 features of the URL itself.

Predict vs. React

Hackers use VirusTotal too. Swordphish predicts the maliciousness of any URL or domain. Phishing, Malware C&C and Ransomware DGA. No blacklists.

Request your API Key Now!

FAQ

What is Swordphish?

Swordphish is a predictive tool that helps companies determine whether a URL or domain is likely to be malicious. Swordphish leverages a simple REST-based API that was designed to allow users to inject intelligence into existing anti-fraud and enterprise security use-cases. More specifically, Swordphish consists of three discrete machine learning-classifiers that have been trained to differentiate between “good” URLs/domains and “bad” URLs/domains.

Why do I need Swordphish?

There is nothing really new about web-based services, lookup engines or APIs that provide reputation about IP addresses, domains, URLs, etc. These have been around for decades and are already leveraged by nearly every type of infosec solution (firewalls, proxies, content filters, etc.). These rely on either proprietary or community-driven blacklists, or a combination of the two. These systems are very effective, have low(er) false positives and are easy to implement. However, they are also completely backward looking. Swordphish is designed to be entirely predictive. The classifiers contained within do not have any blacklist-based context. They are designed with prediction in mind. In short, blacklists look backward, Swordphish looks forward.

What can Swordphish tell me?

Swordphish currently supports three discrete classifiers, each trained to understand the unique features related to phishing, traditional malware C&C, and malware DGA (domain generating algorithms). The user supplies a single URL or domain, or a set of URLs or domains and is returned a probability that each URL/domain is likely to be malicious or not, according to each classifier. This can be quite useful for any use-case that requires insight around URL/domain maliciousness at scale, and quickly. Additionally, since we don’t rely on blacklists, Swordphish is quite adept at uncovering malicious phishing and C&C infrastructure that is brand-new, or zero-day.

What use-cases can Swordphish enhance or enable?

There are several that we have already identified and we expect to identify many more. For example:

Why did you build Swordphish?

We were seeking a way to triage massive numbers of URLs quickly as part of our malicious site detection and takedown service called Detect Monitoring Service (DMS). Our team uses Swordphish internally as a tool to automatically score and identify phishing in near real-time. We believe that our customers can also leverage Swordphish for their own use-cases as well.

How fast is Swordphish?

The classifiers themselves are extremely fast (~10ms per lookup). The majority of the request time is from round-trip latency, which is about 100ms on average.

How many requests per second can I submit?

Each API key will be restricted to 200 requests per second. If you need more, let us know.

How do the classifiers work?

For Developers, refer to the technical document on our site (Developers page), but in short—we extracted around 60 features from URLs and domains from our training sets of millions of domains/URLs. From that process, Swordphish learned to classify URLS and domains with a high-degree of accuracy by only analyzing the URL itself. This is an important point, Swordphish does not render the page, lookup the domain in the DNS or rely on any external context—just the structure of the URL itself. Scores are returned as a value between 0 and 1. Zero means highest probability that the input is good, 1 means the highest probability that the URL is bad.

How accurate is Swordphish?

Most machine-learning or predictive classifiers measure accuracy along a curve. In our testing of Swordphish, we found that the Phishing classifier had a F1-Score of 0.94 and an accuracy of over 95% with results above a 0.6 threshold. Your mileage may vary.

Developer Information

Calling the Swordphish API

The Application Programming Interface (API) allows customers to interact with our cloud-based service using industry standards. Swordphish supports the JSON output format. Please refer to the Swordphish Github repository for some Swordphish API testing tools: https://github.com/easysolutionsinc/swordphish. The API is accessed through a simple URL via HTTP or HTTPS.

Swordphish supports traditional API key authentication. API keys are delivered to each user via email upon approval and key provisioning. A well-formed API key must be supplied within the HTTP header of each query. Queries with invalid keys will return a 401 error. To call the API, simply make a request with the key in a header. For more assistance, please look for details in the query format.

Calling the Swordphish API

URL FORMAT:https://api.easysol.io/swordphish/

HTTP VERB:POST

HEADER:Apikey: [api key]
Content-type: application/json

PAYLOAD:{
"urlArray": [ "URL 1","URL 2","...","URL n"]
"force_clf": true
}
urlArray(JSON Array): (mandatory) JSON array with all URLs to analyze. The maximum number of allowed URLs per call is 1000. An error response 400 is shown if maximum is surpassed.
force_clf (Boolean): (mandatory) true or false”
Set force_clf to “true” to ignore Alexa ranking and force the return of classifier values.

Error Response 401Code: 401: Unauthorized Cause: No API key was sent in headers. You should have to send an API key header with appropriate valueContent:
{"message":"No API Key found in headers, body or querystring"}

Error Response 405Code: 405: Method Not Allowed Cause: You called Swordphish API using a wrong HTTP Verb. The only HTTP Verb supported by now is POSTContent:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"><title>405 Method Not Allowed</title><h1>Method Not Allowed</h1><p>The method is not allowed for the requested URL.</p>

Usability Considerations

Swordphish is designed to score URLs and domains based solely on the structure and contents of the URL itself. Since Swordphish only requires a URL as an input, it can be used for many different use-cases and is very fast. However, Swordphish is not a blacklist. A user should not expect Swordphish to return results that are identical to blacklists. While blacklists usually contain some sense of temporal scoring (i.e., blacklists become more accurate over time) Swordphish performs best where blacklists are weak—closer to zero hour.

Swordphish Scoring Methodology

Swordphish combines statistical analysis of a URL and a machine learning classifier to accurately classify phishing and malware related URLs based only on the URL itself. Classification based on URLs facilitates a defense against all phishing and malware attacks due to the features they all share, a URL. The algorithm extracts over fifty features based on analyzing the structure of the URL, for example by estimating Kullback-Leibler Divergence between the normalized character frequency of the English language and the URL. Other features include the character frequencies, the number of “@” and “-” symbols, the number of top-level domains in the URL, whether the URL is an IP address, the length and the number of suspicious words in the URL.

The results confirm that a simple defense vector as this has shown great technical results due to its simplicity and excellent statistical measures of performance. The resulting phishing model had a F1-Score of 0.94, an accuracy of over 95% and showed great stability in the holdout set.

Swordphish returns a set of decimal values between 0 and 1. For most practical applications, return values greater than or equal to 0.6 should be considered highly suspicious and highly likely to be phishing URLs. As a rule of thumb, higher probabilities yield lower false-positives and higher false negatives and vice versa.

Technical Description

Cyxtera provides a suite of anti-fraud products and services that attack fraud at
every stage of the process, from recon and targeting, to setup and launch to cash-out. In our
efforts to minimize the impact of fraud in the earliest stages, we have built a suite of
technologies to rapidly identify threats in a highly automated fashion. Swordphish was developed in
this spirit to advance the state-of-the-art in high-volume and low-latency phishing detection.
Existing phishing classification programs rely on inefficient mechanisms that blend rules, filters,
signatures and manual classification to predict and accurately classify phishing attacks. These
techniques are slow and create the conditions required for phishing attacks to remain profitable for
attackers.

Swordphish is a web-based, RESTful API interface connected to a high-performance and scalable
web infrastructure designed with a single purpose—to classify any URL as phishing or benign in
milliseconds. Swordphish is built upon an advanced supervised machine learning implementation
leveraging random forests. This approach allows Swordphish to classify any well-formed URL with
95% accuracy.

Tool Description

Swordphish delivers the fastest, most comprehensive and most accurate phishing URL services on
the market. Swordphish is based upon a proprietary supervised machine-learning system that is
trained to automatically predict the likelihood that any URL is associated with a phishing attack.
This predictive capability is based upon historical and on-going training of the Swordphish classifier
with millions of URLs.

Cyxtera provides phishing detection, threat detection and takedown services for hundreds
of global banks. Swordphish allows any organization to leverage some of our same internal
threat detection capabilities into their existing workflow via a lightweight, RESTFul API.
Swordphish was designed expressly to add accuracy, efficiency and automation to existing threat
detection and classification workflows.

Swordphish – Benefits

Phishing attacks still continue today despite huge advancements in spam filtering, education,
content detection and hosting countermeasures. Even phishing attacks that are hosted for minutes
or hours provide enough incentive for attackers to continue to stage and launch phishing attacks.
Swordphish provides the following benefits:

Easy Solutions, Inc. A Cyxtera Business

Software as a Service (SaaS) License Agreement

SOFTWARE AS A SERVICE. Subject to the terms and conditions of this Agreement, as of the Activation Date (as defined below), Easy Solutions, Inc. (“Company”) agrees to provide Customer with online access to the Company software product offering identified as Swordphish (“Swordphish Service”). Customer’s use of the Swordfish Service is subject to any restrictions imposed by Company, which may include, without limitation, restrictions on the number of authorized Customer users, maximum log file size and number of modules. “Customer Data” means any data, information or material submitted by Customer during its usage of the Swordfish Service. The Swordfish Service may only be accessed and used by the specific named user specified during account registration (“Named User”). “Activation Date” means the specific date on which the Swordfish Service is scheduled to be made available online for Customer to use. Company shall use its reasonable efforts to make the Swordfish Service available to Customer on or about the Activation Date. By authenticating to the Swordfish Service web site, Customer is accepting this Agreement and agreeing to the terms of this Agreement.

LICENSE GRANT. Subject to the terms and conditions of this Agreement, Company hereby grants to Customer a limited, non-exclusive, non-transferable license (without the right to sublicense) to access and use the Swordfish Service, in object code form, solely for internal business purposes in accordance with any applicable documentation.

LICENSE RESTRICTIONS. Customer shall not, directly or indirectly, or permit the Named User to, (i) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code or underlying ideas or algorithms of the Swordfish Service; (ii) modify or create derivative works based on the Swordfish Service or any related documentation; (iii) rent, lease, distribute, sell, resell, assign, or otherwise transfer its rights to use the Swordfish Service; (iv) use the Swordfish Service for timesharing or service bureau purposes or otherwise for the benefit of a third party; (v) remove any proprietary notices from the Swordfish Service or any other Company materials furnished or made available hereunder; (vi) publish or disclose to third parties any evaluation of the Swordfish Service without Company's prior written consent; (vii) use the Swordfish Service to develop a database, online or similar database service, or other information resource of any kind (print, electronic or otherwise) for sale to, distribution to, display to or use by others; (viii) store in a retrieval system accessible to the public, transfer, publish, distribute, display to others, broadcast, sell or sublicense the Swordfish Service, or any portion thereof; or (ix) pre-fetch, retrieve, cache, index, or store any portion of the Swordfish Service; provided, however, Customer may store limited amounts of data provided by the Swordfish Service for internal use so long as such storage is done temporarily, securely, and in a manner that does not permit use of the data outside of the Swordfish Service.

SECURITY.

API Keys. If applicable, Company shall issue to Customer, or shall authorize a Customer administrator to issue, an API key for the Named User of the Swordfish Service. Customer and the Named User are responsible for maintaining the confidentiality of all API keys and for ensuring that each API key is used only by the Named User. Customer is entirely responsible for any and all activities that occur under Customer's account and all charges incurred from use of the Swordfish Service accessed with Customer’s API keys. Customer agrees to immediately notify Company of any unauthorized use of Customer's account (including the API key of the Named User accessing the Swordfish Service by means of Customer's account) or any other breach of security known to Customer. Company shall have no liability for any loss or damage arising from Customer's failure to comply with these requirements.

Security. Company agrees to exercise reasonable efforts to implement reasonable security measures in connection with the Swordfish Service. Customer acknowledges that, notwithstanding such security precautions, use of, or connection to, the Internet provides the opportunity for unauthorized third parties to circumvent such precautions and illegally gain access to the Swordfish Service and Customer Data. Accordingly, Company cannot and does not guaranty the privacy, security, integrity or authenticity of any Customer Data or information so transmitted over or stored in any system connected to the Internet or that any such security precautions will be adequate or sufficient.

OWNERSHIP. Customer acknowledges that, as between Company and Customer, all right, title and interest in the Swordfish Service and any other Company materials furnished or made available hereunder, and all modifications and enhancements thereof, including all rights under copyright and patent and other intellectual property rights, belong to and are retained solely by Company or Company’s licensors and providers, as applicable. There are no implied rights.

CUSTOMER OBLIGATIONS.

Hardware. Customer is responsible for obtaining and maintaining all computer hardware, software and communications equipment needed to access and use the Swordfish Service, and for paying all third-party fees and access charges (e.g., ISP, telecommunications, etc.) incurred while using the Swordfish Service.

Customer Data. Customer represents and warrants that it is in compliance with and will comply with all applicable privacy and data protection laws and regulations with respect to any Customer Data uploaded or submitted to the Swordfish Service and its performance of its obligations under this Agreement.

Conduct. Customer shall be solely responsible for its actions and the actions of the Named User while using the Swordfish Service. Customer acknowledges and agrees (i) that Customer assumes the risk for use of the Swordfish Service; (ii) that Customer is responsible for selecting appropriate remediation for, and resolving, any issues found on Customer’s network or in Customer’s web traffic through use of the Swordfish Service; and (iii) that Company is not liable for, or responsible to, remediate any issues found on Customer’s network or in Customer’s web traffic through use of the Swordfish Service. Customer agrees: (a) to abide by all local, state, national, and international laws and regulations applicable to Customer's use of the Swordfish Service; (b) not to send or store data on or to the Swordfish Service which violates the rights of any individual or entity established in any jurisdiction; (c) not to use the Swordfish Service for illegal, fraudulent, unethical or inappropriate purposes; (d) not to interfere or disrupt networks connected to the Swordfish Service or interfere with other ability to access or use the Swordfish Service; and (e) not to transmit or post any material that encourages conduct that could constitute a criminal offense or give rise to civil liability; Customer acknowledges and agrees that Company neither endorses the contents of any customer communications or Customer Data or other Customer content nor assumes any responsibility for any infringement of third party intellectual property rights arising therefrom or any crime facilitated thereby.

FEES.

Service begins as soon as your order is processed. Full payment of the stated annual rate, plus any applicable taxes, is due within 30 days of invoice. This Agreement will renew automatically, on the annual renewal date, until cancelled by either party providing the other party with written notice at least thirty (30) days prior to the expiration of the then-current term. Renewal rates are subject to change.

TERM. This Agreement commences on the date the Customer submits a request for the Swordfish Service from an API Key, and access to the Swordfish Service shall commence on the Activation Date and this Agreement shall continue for a period of one (1) year following Customer’s submission of such request.

TERMINATION

Breach. Except as otherwise provided herein, either party may terminate this Agreement upon written notice if the other party has breached a material term of this Agreement and has not cured such breach within thirty (30) days of receipt of notice from the non-breaching party specifying the breach.

Convenience. Company may terminate this Agreement at any time upon thirty (30) days’ prior written notice to Customer.

Customer Conduct. Company may suspend or terminate access to the Swordfish Service, at its sole option, immediately with or without notice to Customer if Customer breaches Section 6.2 or 6.3 of this Agreement.

Effect of Termination. Company shall not be liable to Customer or any third party for suspension or termination of Customer’s access to, or right to use, the Swordfish Service under this Agreement. Upon the effective date of expiration or termination of this Agreement for any reason, whether by Customer or Company, Customer's right to use the Swordfish Service shall immediately cease. Upon the expiration or termination of this Agreement, Customer and the Named User’s access to the Swordfish Service will terminate and Customer shall cease accessing and using the Swordfish Service immediately. Sections 5, 6, 9.4, 10, 11, 12, 13 and 14 of this Agreement shall survive its expiration or termination for any reason. Company shall retain Customer’s Customer Data files for a period of thirty (30) days after expiration or termination of this Agreement. Customer may request that Company conduct a mass export of Customer’s Customer Data files and the database, and Company agrees to provide such services at its then-current rates on a time and materials basis. After thirty (30) days, Company will delete and destroy all of Customer’s Customer Data files without notice or further liability to Customer.

CONFIDENTIALITY.

Obligations. Each of the parties agrees to maintain in confidence any non-public information of the other party, whether written or otherwise, disclosed by the other party in the course of performance of this Agreement that a party knows or reasonably should know is considered confidential by the disclosing party (“Confidential Information”). The parties hereby agree that Confidential Information includes the terms and conditions of this Agreement, and any discussions related thereto and that the Swordfish Service constitute Confidential Information of Company. The receiving party shall not disclose, use, transmit, inform or make available to any entity, person or body any of the Confidential Information, except as a necessary part of exercising its rights or performing its obligations hereunder, and shall take all such actions as are reasonably necessary and appropriate to preserve and protect the Confidential Information and the parties’ respective rights therein, at all times exercising at least a reasonable level of care. Each party agrees to restrict access to the Confidential Information of the other party to those employees or agents who require access in order to perform hereunder, and, except as otherwise provided, neither party shall make Confidential Information available to any other person or entity without the prior written consent of the other party.

Exclusions. Confidential Information shall not include any information that is (i) already known to the receiving party at the time of the disclosure; (ii) publicly known at the time of the disclosure or becomes publicly known through no wrongful act or failure of the receiving party; (iii) subsequently disclosed to the receiving party on a non-confidential basis by a third party not having a confidential relationship with the other party hereto that rightfully acquired such information; or (iv) communicated to a third party by the receiving party with the express written consent of the other party hereto. A disclosure of Confidential Information that is legally compelled to be disclosed pursuant to a subpoena, summons, order or other judicial or governmental process shall not be considered a breach of this Agreement; provided the receiving party provides prompt notice of any such subpoena, order, or the like to the other party so that such party will have the opportunity to obtain a protective order or otherwise oppose the disclosure.

Destruction or Return of Confidential Information. Upon expiration or termination of this Agreement for any reason, each party shall promptly return to the other party, or destroy, as the parties agree, all copies of the other party’s Confidential Information. All copies, notes or other derivative material relating to the Confidential Information shall be promptly retrieved or destroyed, as agreed, and no such material shall be retained or used by the receiving party in any form or for any reason.

“AS IS” SWORDFISH SERVICE; WARRANTY DISCLAIMER. CUSTOMER ACKNOWLEDGES THAT THE SWORDFISH SERVICE IS PROVIDED ON AN ‘”AS IS” BASIS. THE SWORDFISH SERVICE MAY CONTAIN ERRORS, DEFECTS AND OTHER PROBLEMS THAT COULD CAUSE SYSTEM FAILURES AND LOSS OF DATA. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, COMPANY AND ITS LICENSORS AND SUPPLIERS EXPRESSLY DISCLAIM ALL, AND MAKE NO, WARRANTIES (WHETHER EXPRESS, STATUTORY, IMPLIED OR OTHERWISE ARISING IN LAW OR FROM A COURSE OF DEALING OR USAGE OF TRADE) FOR THE SWORDFISH SERVICE OR SUPPORT, INCLUDING, WITHOUT LIMITATION, THE CONDITIONS AND/OR WARRANTIES OF MERCHANTABILITY, MERCHANTABLE QUALITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT OF THIRD PARTY RIGHTS. COMPANY DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SWORDFISH SERVICE WILL MEET CUSTOMER'S REQUIREMENTS OR THAT THE OPERATION OF THE SWORDFISH SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE. COMPANY DOES NOT WARRANT THAT THE SWORDFISH SERVICE WILL IDENTIFY ALL VIRUSES OR THAT THE SWORDFISH SERVICE WILL NOT OCCASIONALLY REPORT A VIRUS IN A TITLE NOT INFECTED BY THAT VIRUS.

INDEMNIFICATION. Customer shall indemnify, defend, and hold Company harmless against any third party claim, suit or demand, and any loss or liability arising therefrom, including reasonable legal costs and fees, brought against Company based on a claim: (i) of any breach of this Agreement by Customer, its affiliates, or the Named User or its other employees, agents, successors and assigns; and (ii) relating to or based on the activities conducted by Customer, its affiliates or the Named User or its other employees, contractors and agents, using or that used the Swordfish Service. Company will notify Customer in writing of such claim or suit and give all information and assistance reasonably requested by Customer or such designee.

LIMITATION OF LIABILITY.

Limitation on Direct Damages. IN NO EVENT SHALL COMPANY’S AGGREGATE LIABILITY, IF ANY, ARISING OUT OF OR IN ANY WAY RELATED TO THIS AGREEMENT EXCEED $100.00, WITHOUT REGARD TO WHETHER SUCH CLAIM IS BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE. ADDITIONALLY, IN NO EVENT SHALL COMPANY’S LICENSORS OR PROVIDERS BE LIABLE FOR ANY DIRECT DAMAGES OF ANY KIND.

Waiver of Consequential Damages. IN NO EVENT SHALL COMPANY OR ITS LICENSORS OR SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOSS OF DATA OR LOSS OF PROFITS, WITHOUT REGARD TO WHETHER SUCH CLAIM IS BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Essential Purpose. The essential purpose of this Section 13 is to limit the potential liability of the parties arising under this Agreement. The parties acknowledge that the limitations set forth in this Section 13 are intricate to the amount of consideration levied in connection with the license of the Swordfish Service and that, were Company to assume any further liability, such consideration would out of necessity, been set much higher.

GENERAL. All notices to a party shall be in writing and sent to the addresses specified in the Customer information provided to Company or such other address as a party notifies the other party, and shall be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or email; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. This Agreement may not be assigned or transferred by Customer, by merger, operation of law or otherwise, without Company’s prior written consent. Any assignment in derogation of the foregoing is null and void. Company may freely assign or transfer this Agreement. This Agreement shall inure to the benefit of each party’s successors and permitted assigns. This Agreement, together with all addenda, schedules, and exhibits, constitutes the entire agreement between the parties and supersedes all prior or contemporaneous agreements and understandings between the parties relating to the subject matter hereof. Customer acknowledges and agrees that the Swordfish Service and technology subject to this Agreement are subject to the export and reexport control laws and regulations of the United States and any applicable jurisdiction, including but not limited to the Export Administration Regulations (“EAR”), and sanctions regimes of the U.S. Department of Treasury, Office of Foreign Asset Controls. Customer will comply with these laws and regulations. Customer shall not without prior U.S. government authorization, export, reexport, or transfer any goods, software, or technology subject to this Agreement, either directly or indirectly, to any country subject to a U.S. trade embargo (currently Cuba, Iran, North Korea, Sudan, and Syria) or to any resident or national of any such country, or to any person or entity listed on the “Entity List” or “Denied Persons List” maintained by the U.S. Department of Commerce or the list of “Specifically Designated Nationals and Blocked Persons" maintained by the U.S. Department of Treasury. This Agreement may be amended or superseded only by a written instrument signed by both parties. This Agreement shall be governed by the laws of the state of Florida, excluding its conflict of laws rules. The parties agree that the United Nations Convention for the International Sale of Goods is excluded in its entirety from this Agreement. Any provision of this Agreement held to be unenforceable shall not affect the enforceability of any other provisions of this Agreement. In the event of any conflict between the terms of this Agreement and the terms of any agreement, the terms of this Agreement shall control. Neither party shall be in default if its failure to perform any obligation under this Agreement is caused solely by supervening conditions beyond that party’s reasonable control, including acts of God, civil commotion, war, strikes, labor disputes, third party Internet service interruptions or slowdowns, vandalism or “hacker” attacks, acts of terrorism or governmental demands or requirements. Pre-printed terms and conditions on or attached to any Customer purchase order shall be of no force or effect.

MARKETING. Company may use Customer’s name as part of a general list of customers and may refer to Customer as a user of the Swordfish Service in its general advertising and marketing materials.

JavaScript is currently disabled.Please enable it for a better experience of Jumi.